No wireless technology is hack-proof, and Bluetooth is no exception. Clever cybercriminals rely on three tried-and-true strategies to covertly access devices through Bluetooth hacking.
- Bluejacking: Using one Bluetooth-enabled device to hijack another and send phishing messages
- Bluesnarfing: Extracting information from a device through a Bluetooth connection
- Bluebugging: Using a Bluetooth connection to gain backdoor access to your device.
There are several things you can do to keep your Bluetooth-enabled devices safe from these types of attacks.
- Install security patches and updates.
- Make your Bluetooth device not discoverable.
- Don’t share sensitive information via Bluetooth.
- Be careful who you connect with.
- Turn your Bluetooth off.
- Don’t pair devices in public.
- Unpair devices as needed.
Read our full article to find out more safety tips, learn how Bluetooth works, and compare the pros and cons of this convenient technology.
Bluetooth is an integral part of the technology landscape today. From smartphones to keyboards to cars, people connect devices invisibly and automatically without thinking twice. The question is: how secure is Bluetooth?
As with any wireless system, your data could be seen by unintended recipients. It’s not only about people discovering which music you stream to your Bluetooth headphones, either. Bluetooth could expose a great deal of data from your mobile phone, laptop, or computer.
Now is the time to get up to speed about all things Bluetooth: what it is, how it works, common Bluetooth attacks, and tips for maximizing Bluetooth security.
What is Bluetooth?
Bluetooth technology is a protocol for establishing a local network to exchange data wirelessly between nearby devices. In other words, with Bluetooth, you can share information between, for example, your phone and your headphones without needing a cable.
Bluetooth is an open standard, meaning anyone can freely use the technology without a license. This is one of the main reasons why Bluetooth is so popular and is built into more and more devices every day.
The technology was developed in the early nineties by Jaap Haartsen, who worked for Ericsson. Today, you can find almost everything with Bluetooth connectivity — from wireless headphones to speakers to the refrigerator in your kitchen. A majority of newly manufactured devices come with built-in Bluetooth functionality.
Types of Bluetooth
Back in the early 90s, no one would have imagined that Bluetooth would be as prevalent as it is today. At that time, it was developed to transmit data between “stupid” devices that were close to each other. Meaning, the technology was rather simple and insecure. The first Bluetooth-enabled phone didn’t hit the market until 2001.
Bluetooth has had to evolve and catch up with modern technological advances. As a result, countless Bluetooth versions exist today. To make it easier, Bluetooth can be categorized into two kinds.
Bluetooth Classic
This is the most commonly used type of Bluetooth. This type is used to transmit high amounts of data over a long period.
Think of your phone transmitting music to your wireless headphones or your gaming PC transmitting your actions to a wireless controller. In the process, it consumes a lot of power.
Bluetooth Low Energy
On the other hand, Bluetooth Low Energy (BLE) was invented as a variation of Bluetooth for low-energy devices. For example, FitBit devices that run on a small battery over a long period. Such devices periodically exchange small amounts of data. Otherwise, they go into sleep mode until a connection is initiated again thus saving energy.
The most current version of Bluetooth is 5.2, and from 2023, much older versions will be scraped. New devices must use versions 4.2 and up.
How Does Bluetooth Work?
Bluetooth wirelessly connects different devices, such as your phone and your laptop. It eliminates the need for a USB cable when you want to exchange data between two devices. Bluetooth technology uses short-wavelength UHF radio waves to establish the connection, making it essentially a radio connection. Bluetooth operates at frequencies between 2.402 and 2.480 GHz.
Pairing Bluetooth devices
Bluetooth devices must be close to one another to be able to exchange information, usually within a distance of 10 meters (30 feet). Because the broadcast signals are very weak, they usually do not affect other devices operating at the same frequency.
When you connect two Bluetooth-enabled devices for the first time, this is called pairing. You have to approve each new connection, which makes Bluetooth relatively secure. Once devices connect for the first time, the pairing is usually “remembered,” and future connections will happen automatically when both devices have Bluetooth activated and are near each other.
Sending data over Bluetooth
Although a Bluetooth connection is relatively weak, it remains effective enough for data transfer. The songs you listen to, for example, are sent instantly from your Spotify app to your headphones.
It’s possible to connect up to eight devices on one network. However, only one device (the “master”) can send data. All the other devices in different locations in your home, for example, are “receivers/slaves.”
To keep this connection stable, Bluetooth uses frequency hopping. This means the connection jumps between different frequencies within its range. There are 79 frequencies each Bluetooth network can choose from, so frequencies that are already being used by other devices, such as your garage door, can easily be avoided.
Is Bluetooth encrypted?
Yes. Since BLE 2.1, Bluetooth encryption is mandatory after devices have been paired.
However, Bluetooth security and encryption standards are tricky due to the different types of Bluetooth available and the variety of devices that use it. For example, how two mobile phones pair and encrypt data via Bluetooth is different from how a phone connects to wireless earphones.
In devices that have an input like a screen, the encryption works by using a “link key” to exchange encrypted data. For security reasons, the link key is not sent via the air to avoid it from being sniffed by a malicious third party.
So how do authorized devices get this link key so they can start exchanging information? Two devices that are connecting for the first time will go through an initialization phase (pairing) that will “associate” them. The key is generated when the user enters identical PINs into both devices, which the devices use to generate their secret link keys.
How is Bluetooth Used?
Bluetooth has become a ubiquitous part of our daily lives. We use Bluetooth technology every day in a variety of ways, often without even thinking about it.
Bluetooth Use | Description |
---|---|
Connecting devices Bluetooth | Bluetooth allows you to play music through wireless speakers or headphones. It also connects your laptop or computer to your wireless mouse, keyboard, or printer. Modern cars use Bluetooth to play music from your mobile device through the car’s speakers, make hands-free calls, use navigation, and reply to messages. |
Sharing files | You can easily share files with Bluetooth. Photos, videos, and music are all transmitted seamlessly among devices. |
Tethering to create a hotspot | If you don’t have internet access on your computer, but do have access to a mobile network, tethering enables you to use your phone as a hotspot. This way, you can continue browsing on your laptop without it having its own Wi-Fi connection. |
Securing your home | There are special locks or security systems that can be connected to your smartphone via Bluetooth, so you can use your phone as a key. |
Protecting your computer | You can download programs that ensure your computer is only accessible if your phone is within Bluetooth range. Since our phones are usually where we are, this means your laptop can only be used when you are around. |
Monitoring your health | The healthcare sector makes frequent use of Bluetooth-enabled devices. Fitness trackers are just one example, making Bluetooth very useful in the gym. Another example is a Bluetooth-enabled pacemaker that transmits data to an app on your smartphone. The information is sent directly to your healthcare professional, which reduces the need for in-person visits to the doctor. |
The Pros and Cons of Bluetooth
Bluetooth offers many advantages, but there are drawbacks, too. We discuss both below.
Pros of using Bluetooth
Bluetooth lets you connect to multiple devices and send files or play music with a few clicks.
- Wireless: You can use headphones without annoying cord tangles. Your printer, mouse, and keyboard don’t need cables, keeping your desktop uncluttered.
- Automatic & easy: You only have to enable Bluetooth on both devices for them to be able to “find” each other. Once paired, all future connections happen automatically.
- Compatible: Bluetooth can connect devices of all kinds, regardless of operating system or manufacturer.
- Multiple devices: A Bluetooth network can connect up to eight devices, with one being the “master” that controls all other connected devices.
- Secure connection: Because you must approve connections that are not already part of your network and Bluetooth only works at short distances, it is difficult (but not impossible) to intercept the signal.
Cons of using Bluetooth
If left unsupervised, your Bluetooth connection can drain your battery and open your device to attacks.
- Battery drainer: Despite relatively low energy consumption needs, you still have to charge Bluetooth devices frequently. If your smartphone has Bluetooth enabled, the battery drains faster.
- Health concerns: Although no direct link has been found, there are questions about the relationship between Bluetooth radiation and health issues like dizziness, sleeping problems, anxiety, depression, and even brain tumors.
- Easy to find: Bluetooth technology easily finds nearby devices. This advantage is also a potential risk. Hackers can see which devices are nearby and attack. This is a risk in public spaces, like airports, trains, and cafés.
- Short range: To work reliably, your Bluetooth-enabled devices must be within about 10 meters of each other. This limitation makes Bluetooth a poor choice for some wireless applications.
- Slow data transfers: Wireless technology has limits on how fast it can transmit data. While the latest versions of Bluetooth are much faster than their predecessors, they are still no match speed-wise to other technologies like Wi-Fi and USB.
Can Bluetooth Be Hacked?
No wireless technology is 100 percent safe, and Bluetooth is no exception. So how secure is Bluetooth? Unfortunately, your Bluetooth connection can be hacked. There are three common ways criminals go about Bluetooth hacking: bluejacking attack, bluesnarfing, and bluebugging.
Bluejacking
This type of cyber attack involves one Bluetooth-enabled device hijacking another and sending spam messages to the hijacked device. Mostly it is an annoyance, but if a recipient falls for such a phishing attempt and clicks on a link in one of these spam messages, bigger issues can arise. The link often takes you to a website where your personal information is stolen or malware is installed on your device.
Bluesnarfing
A bluesnarfing attack is similar to bluejacking but more sinister. Where bluejacking only sends information to your device, bluesnarfing also extracts information from your device. Data like text messages, photos, emails, and even the identifying information your device sends to your ISP can all be stolen. Most Bluetooth hackers will use this information for a variety of purposes, none of them good.
Bluebugging
In this type of Bluetooth hacking, hackers establish a surreptitious Bluetooth connection with your phone or laptop. They then use this connection to gain backdoor access to your device. Once in, they can spy on your activity, access your sensitive information, and even use your device to impersonate you on any apps on your device, including the apps you use for online banking.
This kind of attack is called bluebugging because it resembles the way one might bug a phone. Once control over the phone is established, cybercriminals can use it to call themselves and listen in on conversations.
Examples of Bluetooth Attacks
No device is immune from Bluetooth security risks. There are plenty of examples of cybercriminals hacking Bluetooth.
Although most of these vulnerabilities were patched in time, it shows that Bluetooth hacking is possible. As such, it’s incredibly important to incorporate proactive measures into your online security routine.
BlueBorne Attack (2017)
In 2017 the well-known BlueBorne attack showed that hacking Bluetooth technology was possible without the attacker being paired to the device. Devices could be infected even when they were in non-discoverable mode.
Once hacked, the device could be fully controlled by the hacker, then used to access networks and steal data, initiate ransomware demands, and spread malware to other nearby devices. Virtually any Bluetooth-enabled device was susceptible to a BlueBorne attack.
The vulnerability was patched in 2017 by Google (Android), Windows, iOS, and Linux for their respective devices.
BlueFrag Leak (2020)
In 2020, ERNW discovered that on Android 8.0 to 9.0, an attacker in proximity to the targeted device could silently execute arbitrary code on the phone through Bluetooth as long as it was enabled. The vulnerability allowed hackers to steal personal data or spread a worm virus.
The issue was patched in a security update by Google in February 2020.
Bluewave Zero-Click Bugs (2020)
In 2020, a collection of security vulnerabilities in Apple’s macOS Bluetooth system allowed hackers to take over devices through Bluewave Zero-Click Bugs. This means they were able to compromise a device even if the user didn’t open a malicious link or attachment and even without contact with the device.
Apple released a security patch in 2020 and awarded the research team an award of $75,000 for discovering and reporting the vulnerabilities.
BleedingTooth (2020)
In 2020, a researcher at Google discovered a set of Zero-Click vulnerabilities in the Linux Bluetooth subsystem called BlueZ. The vulnerability allowed a malicious actor in close proximity to execute arbitrary code with kernel privileges on vulnerable devices. Essentially taking over the device without the user’s knowledge.
The Google researcher informed both BlueZ and the Linux Bluetooth Subsystem maintainers (Intel). Who later released security patches and integrated them into the Linux Kernel.
Bluetooth Privacy Concerns
Many apps, including popular ones from Facebook, Google, and others, use your device’s Bluetooth functionality to monitor your location. Furthermore, smart devices such as fitness trackers or Bluetooth speakers that use Bluetooth to communicate with mobile apps can be hacked and the attacker can “listen in” or collect data.
Your location can be tracked using Bluetooth
When you turn off Bluetooth on your device’s settings, it stops transmitting but still recognizes nearby Bluetooth signals. App makers use these Bluetooth signals to pinpoint your location.
This means that app makers can track you anywhere you go and maintain data about your daily movements (if you carry your device with you). The scariest bit is that Bluetooth allows for very accurate tracking.
Many app makers state in their privacy statements that they use Bluetooth to track your location, but as we all know, most people don’t read these statements in detail. As such, most everyday consumers are not aware of the risks.
You can protect your privacy by carefully reading the privacy statement to see if the apps you install make use of Bluetooth to track your location. Because location tracking needs your permission, you can manually turn off this permission for those apps.
Your Bluetooth devices can be fingerprinted
In 2019, a security team from Ohio State University discovered there was an inherent flaw in mobile apps that work with Bluetooth. The flaw leaves the devices vulnerable both during the pairing procedure and when they are operating.
The problem lies in how Bluetooth Low Energy devices communicate with the mobile apps that control them. A Bluetooth speaker, for example, communicates with the app on your mobile phone by broadcasting a universally unique identifier (UUID).
The UUID that allows your mobile app and the Bluetooth speaker to talk, is embedded in the mobile app code. Otherwise, your mobile app wouldn’t be recognizable to the Bluetooth speaker. However, embedding the UUIDs in the mobile app makes them susceptible to a fingerprint attack.
So in cases where encryption is not used or is used improperly, threat actors would be able to connect to your devices using its UUID and “snoop in” on your conversations.
In the end, however, the Ohio State University researchers discovered that the vulnerabilities were easy to fix and made recommendations to app developers and industry groups.
How to Tell if Your Bluetooth is Hacked
Most Bluetooth security attacks are subtle and give the attacker access to a device without the knowledge of the user. However, there are some telltale signs a user can look out for to determine if their Bluetooth has been hacked. By following these steps on how to prevent Bluetooth hacking, you can protect your devices from snooping cybercriminals.
NOTE: The signs below could be caused by other issues besides hacking, such as misconfigured apps, faulty hardware, and much more.
1. Device becomes slow
In some cases, when a threat actor gains a foothold into your device through Bluetooth hacking, they may install malicious software (malware). The objective of the malware could vary. In most cases, its purpose is to steal your data and transmit it to a remote server.
Malware has to be constantly running and transmitting data in the background for this to be successful. Which requires a lot of resources hence slowing down your phone, at times considerably.
2. Battery drains quickly
If you notice a sudden spike in how fast your battery drains, check to see if it’s not a malfunctioning battery or a misconfigured legitimate app consuming the resources. In the case of the former, replace the battery if it’s removable, otherwise consult with the appropriate technician.
For the latter, uninstall any apps in your phone’s app Settings that are consuming way more resources than they should.
If both of these actions don’t lead to a change, it’s time to consider you may be infected with malware. Today, attackers install all sorts of malware from adware, cryptocurrency miners, to mobile spyware.
3. High data consumption
Once your Bluetooth is hacked, the next step is for the attacker to establish a connection between your phone and an external server. This connection can be used to transfer your files such as contact lists, email addresses, passwords, and other sensitive data.
To do this requires high data usage. If you notice a big jump in your data consumption it could be an indication that something else might be going on under the hood.
In summary, malware has become harder to detect. On most mobile devices, harmful software such as spyware does not appear on the app list in Settings, making it difficult for normal users to find it. We recommend using an antivirus program to thoroughly scan your phone and root out any malware.
How to Use Bluetooth Safely
With these security and privacy risks in mind, it’s important to know how to create a safe Bluetooth environment. Here are some tips on how to secure Bluetooth devices:
1. Install security patches and updates
The best way to protect yourself is to update your operating system as soon as patches become available. After discovering the BlueBorne vulnerability, for example, Google and Amazon released new updates that protect users against these types of attacks. Thus, the vulnerability was remedied fairly quickly. Users protected themselves when they installed the latest update, even if they didn’t know about the threat.
Keeping all your apps and systems up-to-date is a very easy way to stay protected.
2. Make your Bluetooth device not discoverable
The most common Bluetooth attacks involve hackers targeting Bluetooth devices that are nearby and discoverable. Make it harder for hackers to zero in on your device by setting Bluetooth to “not discoverable.” How you do this depends on the device.
3. Don’t share sensitive information via Bluetooth
Considering the relative vulnerability of Bluetooth, it’s good practice to avoid sending sensitive information via your wireless connection. If you need to send private photos, passwords, login information, or the like, use a more secure means to transmit that data.
4. Be careful who you connect with
Keep your Bluetooth secure by not accepting Bluetooth connection requests from unknown sources. Hackers might send out these requests in the hopes that someone gives them access.
If you aren’t sure who is asking to pair with your device and for what reason, decline or ignore the request.
5. Turn Bluetooth off
Although the fact that Bluetooth devices automatically find other devices is a very useful feature, it also makes your devices prone to attacks.
To save your phone’s battery and better protect yourself against attacks, it’s wise to turn Bluetooth off until you need it. This is especially true when you’re in public areas, like airports, train stations, and restaurants.
If you’re concerned that you won’t remember to turn Bluetooth on and off, don’t worry. There’s an app for that. Many automation apps such as If This Then That and Tasker can be set up to automatically turn off your Bluetooth when you leave a location or disconnect from a device. Not only will this help keep your Bluetooth secure from hackers, but it will also give a slight boost to your device’s battery life.
6. Don’t pair in public
When you do want to establish a connection with a known device, try to pair the two for the first time in a secure location. Resist the temptation to immediately pair that new set of Bluetooth headsets outside the store where you bought them. Wait until you get home or back to your office.
Using this strategy, you can better control the discoverability of your Bluetooth device, since, after the initial pairing, you won’t have to make your Bluetooth device discoverable to connect with your new wireless headsets.
7. Unpair as needed
Get in the habit of deleting any old Bluetooth pairings you no longer need or use. You can find your current pairings in the Bluetooth settings on your device. While most pairings are probably harmless, like that AirBnB speaker you connected to last year, having unused pairings on your device exposes you to unnecessary risk, even if the threat is small.
How to Make Bluetooth Undiscoverable
Making your Bluetooth connection undetectable is one way to keep your device safe. Here’s how you can toggle “not discoverable” on your devices.
Make Bluetooth not discoverable on Android
If you’re using Android, here’s how you can hide your Bluetooth device from others:
- On your Home screen, tap Menu > Settings > Connections.
- Click on More connection settings.
- Turn off the Nearby scanning devices option.
This will make your device invisible to other unpaired Bluetooth devices. Any previous pairings will remain accessible.
Make Bluetooth not discoverable on iPhone
According to Apple, the only time your iPhone’s Bluetooth is discoverable is when you have the Settings > Bluetooth screen active. Once you exit Settings, your device is no longer discoverable or available for new pairings.
Make Bluetooth not discoverable on Windows 10
To keep your Windows 10 Bluetooth hidden from other devices, do the following:
- Click Start > Settings > Devices > Bluetooth & Other Devices.
- Turn Bluetooth ON.
- Click More Bluetooth Options.
- Untick the Allow Bluetooth devices to find this PC box.
Previously paired devices will still be able to connect to your computer, even with discoverability turned off.
Make Bluetooth not discoverable on Macbook or iMac
Unlike iPhones, your Macbook or iMac lets you toggle the discoverability of Bluetooth. Here’s how:
- Open System Preferences.
- Click on Sharing.
- Uncheck the Bluetooth Sharing box.
You can always verify the status of your Mac’s discoverability by going to Option and clicking on the Bluetooth icon in the top menu bar.
Will a VPN Make Bluetooth Secure?
One question we often get is whether a virtual private network (VPN) can be used to make your Bluetooth secure. Although a VPN is one of the best ways to ensure your overall online security, it won’t directly protect you against the threat of Bluetooth hackers.
VPNs keep you safe when accessing the internet on public Wi-Fi (like when you’re on the train or in a café), cloak your actual location, and encrypt the data you send online. These strategies all keep you safe from prying eyes. As such, we recommend that all our readers use a VPN when they can. Just keep in mind that a VPN won’t keep you safe from attacks via Bluetooth.
Will Antivirus Software Keep Bluetooth Safe?
Another question that security-minded people often ask is whether an antivirus program will keep their Bluetooth secure. While an antivirus program should be an essential part of your overall online security, it cannot stop a cybercriminal from hacking your Bluetooth. However, what the antivirus will do is keep you safe from the malware often installed as part of a Bluetooth hack.
To learn more about what antivirus software does and which we consider the best, read our review of the top antivirus software of this moment. If you want immediate protection, we suggest Kaspersky. They offer a variety of plans with different levels of protection and their software is very easy to install and use. Kaspersky will be able to protect a lot of the malware Bluetooth hackers might infect your device with.
Final Thoughts
Bluetooth has made our lives a lot easier. We listen to our favorite music without getting tangled up in pesky cords. Our wireless keyboard and mouse keep our workspace uncluttered. Driving our vehicles is safer with a multitude of hands-free options.
While this helpful technology doesn’t come without security risks, you can easily create a secure Bluetooth environment by taking the following precautions.
- Install security patches and updates.
- Make your Bluetooth device not discoverable.
- Don’t share sensitive information via Bluetooth.
- Be careful who you connect with.
- Turn your Bluetooth off.
- Don’t pair devices in public.
- Unpair devices as needed.
By incorporating a few common-sense strategies into your routine, you can enjoy Bluetooth more and worry less about what nearby hackers might be up to. To enhance your security measures further, you should use a VPN and an effective antivirus.
Still have questions? Looking for more information? Check out the questions we get the most about Bluetooth.
There are a number of things you can do to maximize the security of your Bluetooth connection:
- Turn off Bluetooth when you’re not using it.
- Set your Bluetooth to not discoverable.
- Install system updates and patches whenever they are issued.
- Be mindful of which devices you pair with.
To find out more about Bluetooth security risks and other ways you can stay safe while using this convenient technology, read our full Bluetooth guide.
When Bluetooth is turned off, hackers attempting a Bluetooth attack can’t see your device. This is the safest way to avoid a Bluetooth attack. But it is not practical, since most people use Bluetooth every day for some purpose.
The best strategy is to get in the habit of turning off Bluetooth whenever you’re not using it. If you have trouble remembering to do so throughout the day, there are a number of apps out there that will do it for you.
You can easily see which devices you’re actively paired with by reviewing your Bluetooth settings. There will be a list of all devices you’ve previously paired with and the status of your connection to each. If you see an active connection you don’t recognize, terminate it immediately and forget the device.
Bluetooth devices emit only low levels of nonionizing radiation. The U.S. Food and Drug Administration notes that routine exposure to this type of radiation is considered harmless to humans. Medical experts generally agree that it’s highly unlikely radiation at the levels generated by Bluetooth headphones poses any health safety risks to wearers.
You can make your Bluetooth device not discoverable in different ways, depending on your device:
- iPhone: automatically hides your Bluetooth connection anytime the Bluetooth settings screen isn’t actively open
- Android, Mac, and Windows: turn on the hidden mode in your Bluetooth settings
Read our full article on Bluetooth safety for step-by-step instructions on how to do this for each device.
Thanks for this excellent article. A question: if a bluetooh hacker gets access to your phone in one of the ways described: (a) can they do whatever they do even if you don't click any links; and (b) will they continue to have access by some other means once that bluetooth connection is terminated, if you don't click any links, etc?
Hi Neil!
We asked one of our experts to answer your questions:
(a) Absolutely, yes. Your vulnerability isn’t just about clicking on sketchy links. A technique known as “bluebugging” can allow hackers to “bug” your device and take control over your phone to make calls, send texts, and even browse the internet. There’s also “bluesnarfing,” which is about stealing your personal info like photos, contacts, and messages. All of this can happen if your Bluetooth is turned on and set to “discoverable.”
(b) Generally, no. Most Bluetooth-based attacks require an active connection to your device. So, once you cut that Bluetooth link or move out of range they should be out — unless, of course, you clicked on some malicious links or downloaded shady files (malware). That being said, if your Bluetooth is still turned on and you’re within range, the hacker may attempt to reconnect. It’s good practice to disable Bluetooth when not in use and to keep your phone’s software up-to-date, and try to avoid Bluetooth pairing in public. It is also important to use premium real-time antivirus software. Note: Manufacturers regularly push out patches that fix known vulnerabilities, including Bluetooth security issues.
We hope this helps!
Hello, I wanted to use a wireless headset for work as I work from home and running to grab the door with a headset and laptop is not always easy lol. Would a headset with a dongle thing as my work laptop doesn't have Bluetooth as it has been removed, would work? I have a mouse a keyboard plugged and they work, and how secure would it be?
I don't think this will work as per Company's group policy. You have to speak with your i.t. Admin to configure goesit and allow this Bluetooth and/or Bluetooth dongle setting/connection
Very thorough overview Thank you. a query about the Apps/phones concerning ability to continue tracking when both Bluetooth and location services are off: do you know of a way to disable the actual tracking or pinging of the phone itself or to turn it off generally for all apps?
You can turn it off in the 'Location Services' menu on your phone (on iPhone it's under 'Settings' and then 'Privacy'). Still, with all the different types of connections this is not a guarantee that you can't be tracked altogether (there's also triangulation by cellphone signal, Wifi-hardware location, etc.).
Thanks for this article. I have been looking for information about the safety of Bluetooth in Covid-19 tracking apps such as the one here in Australia. This article mentions Coronavirus tracking apps but then the advice on how to protect your security is incompatible with using such apps, ie. they require you to keep Bluetooth running so they can do Bluetooth handshakes with other users.
I imagine there might be a few people searching for information about the safety of these apps and the "Bluetooth handshake" so I was wondering if you can give any more specific information regarding that feature and how to best protect your privacy while using the apps. Also whether so many people using it at the same time will provide an enticing environment for hackers* to develope ways to simulate or hijack the handshake.
* "hackers" - I'm not sure if that's specifically what they are called but I'm sure you get my drift anyway.
You're right. With Coronavirus tracking apps, there's a careful balance between privacy and safety that needs to be found. On the one hand, you don't want the app's owners to be able to track your every move and any possible hackers misusing the app, while on the other hand we want to use the app to keep the virus under control. If your app works with Bluetooth, many of the dangers and risks described in this article will be relevant. We'll investigate this matter a little more and update our article with information and advice specific to Covid-29 tracking apps as soon as possible!
Nice article, but on my phone (Sony Xperia X) there is no function to allow only trusted bluetooth devices.
At least none that I can find. ☹️
This is not necessarily a function of your phone, but a way for yourself to ensure your safety. If you only connect to bluetooth devices that you know and trust, like your own headphones or a speaker, you will remain safer. The option to add a trusted bluetooth device to your phone can help you with this. If you're connected to a device you trust, simply add it to your trusted list and you'll be able to find it more quickly later. This should also be possibly on Sony Xperia X. Go to your settings, then 'lock screen & security', then 'Smart Lock'. If you tap 'Trusted devices' here, you can add one for bluetooth. Good luck!